In this post, we explore an Android Stack Overflow vulnerability within a server-client chat messaging application. By analyzing the native code and leveraging vulnerabilities such as format string and stack buffer overflow, we develop an exploit using pwntools to gain control of the target system. Throughout the process, we also examine security features like RELRO, stack canaries, and NX to understand the defenses in place and how to bypass them.

My journey into Android exploitation at the binary level started with a deep passion for the subject. I was determined to simplify the process as much as possible, but it turned out to be quite challenging.